Nginx And DDOS Protection
- Category : Linux Helpline (Easy Guide)
- Posted on : Apr 20, 2019
- Views : 2,245
- By : Barton S.
cPnginx and Danginx can use to protect the HTTP DDOS as follows,
Edit the file /etc/sysctl.conf and increase the openfile limits. Add the following line,
fs.file-max = 700000
Edit /etc/security/limits.conf and add the following lines,
nobody soft nofile 100000
nobody hard nofile 500000
Now apply the sysctl configuration using the following command .
# sysctl -p
Now edit the /usr/local/nginx/conf/nginx.conf file and add the following line.
worker_rlimit_nofile 50000;
1) Add the following sysctl parameters,
net.ipv4.tcp_syncookies = 1
# source validation / reversed path
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
kernel.pid_max = 65536
net.ipv4.ip_local_port_range = 9000 65000
2) Use the RateLimit module , http://wiki.nginx.org/HttpLimitZoneModule It must be placed inside http block
limit_zone slimits $binary_remote_addr 10m;
limit_conn slimits 10;
3) You can also use the following too,
limit_req_zone $binary_remote_addr zone=slimitss:10m rate=1r/s;
limit_req zone=slimitss burst=10;
Categories
- cPanel Question 47
- cPanel Software Management 29
- cPanel Tutorials 13
- Development 29
- Domain 13
- General 19
- Linux Helpline (Easy Guide) 156
- Marketing 47
- MySQL Question 13
- News 2
- PHP Configuration 14
- SEO 4
- SEO 42
- Server Administration 84
- SSL Installation 54
- Tips and Tricks 24
- VPS 3
- Web Hosting 44
- Website Security 22
- WHM questions 13
- WordPress 148
Subscribe Now
10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!Archive Calendar
Sat | Sun | Mon | Tue | Wed | Thu | Fri |
---|---|---|---|---|---|---|
1 | ||||||
2 | 3 | 4 | 5 | 6 | 7 | 8 |
9 | 10 | 11 | 12 | 13 | 14 | 15 |
16 | 17 | 18 | 19 | 20 | 21 | 22 |
23 | 24 | 25 | 26 | 27 | 28 | 29 |
30 |
Recent Articles
-
Posted on : Sep 17
-
Posted on : Sep 10
-
Posted on : Aug 04
-
Posted on : Apr 01
Tags
- ts
- myisam
- vpn
- sql
- process
- kill
- tweak
- server load
- attack
- ddos mitigation
- Knowledge
- layer 7
- ddos
- webmail
- DMARC
- Development
- nginx
- seo vpn
- Hosting Security
- wireguard
- innodb
- exim
- smtp relay
- smtp
- VPS Hosting
- cpulimit
- Plesk
- Comparison
- cpu
- encryption
- WHM
- xampp
- sysstat
- optimize
- cheap vpn
- php-fpm
- mariadb
- apache
- Small Business
- Error
- Networking
- VPS
- SSD Hosting
- Link Building
- centos
- DNS
- optimization
- ubuntu